Another Look at Extraction and Randomization of Groth’s zk-SNARK

نویسندگان

چکیده

Due to the simplicity and performance of zk-SNARKs they are widely used in real-world cryptographic protocols, including blockchain smart contract systems. Simulation Extractability (SE) is a necessary security property for NIZK argument achieve Universal Composability (UC), common requirement such protocols. Most works that investigate SE focus on its strong variant which implies proof non-malleability. In this work we relaxed weaker notion, allows randomization, while guaranteeing statement non-malleability, argue be more natural property. First, show it already achievable by Groth16, arguably most efficient deployed SNARK nowadays. Second, because this, Groth16 can efficiently transformed into black-box weakly NIZK, sufficient UC To support second claim, present compare two practical constructions, both strike different tradeoffs:

برای دانلود باید عضویت طلایی داشته باشید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Another Look at the Hypocrisy of Chaucer’s Pardoner

For us, readers of Chaucer living in an age when appeal to religious passions and sentiments as a means for the realization of worldly objectives by some charlatans has grown significantly, reviewing the theme of religious hypocrisy treated in The Canterbury Tales can be useful in a way that it proves a helpful means for recognizing and dealing with the hypocrites. The Pardoner of the Tales is ...

متن کامل

Another look at HMQV

The HMQV protocols are ‘hashed variants’ of the MQV key agreement protocols. They were introduced at CRYPTO 2005 by Krawczyk, who claimed that the HMQV protocols have very significant advantages over their MQV counterparts: (i) security proofs under reasonable assumptions in the (extended) Canetti-Krawczyk model for key exchange; and (ii) superior performance in some situations. In this paper w...

متن کامل

Another Look at Tightness

We examine a natural, but non-tight, reductionist security proof for deterministic message authentication code (MAC) schemes in the multi-user setting. If security parameters for the MAC scheme are selected without accounting for the non-tightness in the reduction, then the MAC scheme is shown to provide a level of security that is less than desirable in the multi-user setting. We find similar ...

متن کامل

Another Look at Graftels

We present a hybrid object-image algorithm for the placement of graftels in a scene. Our algorithm addresses the problem of frameto-frame coherency while maintaining image-space constraints. Graftels are attached to objects in the scene. Each graftel has a behavior function that determines its size and orientation based on the current view direction and image-space size. The placement of the gr...

متن کامل

Another Look at PMAC

We can view an existing Message Authentication Code (MAC) as a Carter-Wegman MAC in spite of the fact it may not have been designed as one. This will make the analysis easier than it has been when considered from other viewpoints. In this paper, we can look PMAC with two keys as a Carter-Wegman MAC and get a simple security proof for it. Using this viewpoint to look at PMAC, we will learn not o...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

ژورنال

عنوان ژورنال: Lecture Notes in Computer Science

سال: 2021

ISSN: ['1611-3349', '0302-9743']

DOI: https://doi.org/10.1007/978-3-662-64322-8_22